[Samba] roaming profiles odd.

Craig White craigwhite at azapple.com
Fri Dec 2 22:16:11 GMT 2005 

On Fri, 2005-12-02 at 13:39 -0500, Jack Mendez wrote:
> using samba 3.14a, windows xp sp2 configured with roaming profiles.
> the profile seems to download properly but the start menu seems to be
> empty of shortcuts.
> anything tht requires reading of files seems to be acting strangely
> the files exist on the server but somehow they are not read on the
> workstation
>  all of the /profiles/username directories are configured exactly the same.
> drwx------  13 mmyuser  staff     4096 2005-12-01 15:00 agarceau
> drwx------  14 guest1    guest1    4096 2005-12-01 17:43 guest1
> the /profiles dir has the following permissions.
> drwxrwsr-x  17 root root  4096 2005-11-30 11:43 profiles
> 
> etc.
> not sure what i have wrong here but any ideas would be great.
----
Since you didn't follow the instructions and answering the questions I
asked you to verify a few days ago, I hesitated in answering this.

It strikes me as logical to find out the common 'Domain Users' group
that all users would belong to...

# net groupmap list|grep "Domain Users"
Domain Users (S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-513) ->
dom_users

note that the posix(unix/linx) name for the group is dom_users.

All of my users belong to that group - thus their sambaPrimaryGroupSID
is that SID.

chmod 775 /profiles
chgrp dom_users /profiles -R

The person who suggested that you set /profiles to 777 probably would
have worked but then you went and made it setguid which has to interfere
with that logic. This concept (setting /profiles to 777) probably is a
better idea if you have a lot of users and aren't going to make their
primary group the same but you are going to have to work it through. If
you are gonna do it this way, I would suggest that you...

chmod g-s /profiles
chmod 700 /profiles/* -R

Note - the two methods I have suggested are mutually exclusive.

Craig

PS - your top mounted replies make it harder to respond to you.
   - your lack of answers to the things that I asked you to verify
previously made me stop answering

More information about the samba mailing list